Vulnerabilities > Debian > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-30 | CVE-2018-19777 | Infinite Loop vulnerability in multiple products In Artifex MuPDF 1.14.0, there is an infinite loop in the function svg_dev_end_tile in fitz/svg-device.c, as demonstrated by mutool. | 5.5 |
| 2018-11-30 | CVE-2018-19758 | Out-of-bounds Read vulnerability in multiple products There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service. | 4.3 |
| 2018-11-29 | CVE-2018-19497 | Out-of-bounds Read vulnerability in multiple products In The Sleuth Kit (TSK) through 4.6.4, hfs_cat_traverse in tsk/fs/hfs.c does not properly determine when a key length is too large, which allows attackers to cause a denial of service (SEGV on unknown address with READ memory access in a tsk_getu16 call in hfs_dir_open_meta_cb in tsk/fs/hfs_dent.c). | 6.5 |
| 2018-11-29 | CVE-2018-8789 | Out-of-bounds Read vulnerability in multiple products FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault). | 5.0 |
| 2018-11-29 | CVE-2018-19662 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in libsndfile 1.0.28. | 5.8 |
| 2018-11-29 | CVE-2018-19661 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in libsndfile 1.0.28. | 4.3 |
| 2018-11-29 | CVE-2018-19626 | Use of Uninitialized Resource vulnerability in multiple products In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM dissector could crash. | 5.5 |
| 2018-11-29 | CVE-2018-19625 | Out-of-bounds Read vulnerability in multiple products In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the dissection engine could crash. | 5.5 |
| 2018-11-29 | CVE-2018-19624 | NULL Pointer Dereference vulnerability in multiple products In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the PVFS dissector could crash. | 5.5 |
| 2018-11-28 | CVE-2018-16851 | NULL Pointer Dereference vulnerability in multiple products Samba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is vulnerable to a denial of service. | 4.0 |